Lee Duna@lemmy.nz to Technology@lemmy.worldEnglish · 9 months agoBitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPMwww.tomshardware.comexternal-linkmessage-square71fedilinkarrow-up1750arrow-down118cross-posted to: hackernews@lemmy.smeargle.fans
arrow-up1732arrow-down1external-linkBitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPMwww.tomshardware.comLee Duna@lemmy.nz to Technology@lemmy.worldEnglish · 9 months agomessage-square71fedilinkcross-posted to: hackernews@lemmy.smeargle.fans
minus-squareEufalconimorph@discuss.tchncs.delinkfedilinkEnglisharrow-up7·9 months agoCPU doesn’t have any secure storage, so it can’t encrypt or authenticate comms to the TPM. The on-CPU fTPMs are the solution, the CPU then has the secure storage.
minus-squarebaseless_discourse@mander.xyzlinkfedilinkEnglisharrow-up2·9 months agoThat make sense, CPU has no place to store private keys, since that is the functionality of TPM… Unless there is a firmware solution, which defeats the purpose of a standalone tpm.
CPU doesn’t have any secure storage, so it can’t encrypt or authenticate comms to the TPM. The on-CPU fTPMs are the solution, the CPU then has the secure storage.
That make sense, CPU has no place to store private keys, since that is the functionality of TPM…
Unless there is a firmware solution, which defeats the purpose of a standalone tpm.